
Re: blocking ports



> 1)
> I want to block certain services for the outside world (like lpd etc) but NOT for the inside network
> I thought I could block it with ipchains -A input -p tcp -d xxx.xxx.xxx.xxx 515 -j DENY
> But if I telnet from an outside host to that port I can still connect
> Well I think that's because the INPUT policy is ACCEPT (I think changing that to DENY is rather not a good idea)
> Are there other solutions for this ?

to block services from the outside world to port 515 you'd probably need
something like this
ipchains -A input -p tcp -s 0/0 -d yourip 515 -j DENY

That would clip attempted connections anywhere on any port to you on port
515.

As another option I explicitly allow from the network/hosts I want to have
access to it, then deny from everyone else, like so:

ipchains -A input -p tcp -s mytrustedhosts -d yourip 515 -j ACCEPT
ipchains -A input -p tcp -s 0/0 -d yourip 515 -j DENY

> -------------------------------------------
> 
> 2)
> #showmount -e localhost
> mount clntudp_create: RPC: Program not registered

> 
> #less /etc/host.allow  : 
> [CUT]
> portmap: 127.0.0.1
> 
> #ps -aux |grep rpc
> root       957  0.0  0.0  1128    0 ?        SW   May22   0:00 [rpc.rquotad]
> root      1027  0.0  0.1  1776  180 ?        S    May22   0:00 /usr/sbin/rpc.nfsd
> root      1030  0.0  0.0  1776   64 ?        S    May22   0:00 /usr/sbin/rpc.mountd
> root     12793  0.0  0.0     0    0 ?        SW   Jun15   0:00 [rpciod]
> root     13120  0.0  0.0  1304    0 ?        SW   Jul09   0:00 [rpc.ugidd]
> 

is portmap running?
do you have any shares?

do an rpcinfo -p and see what it says.

-sv
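The allow-then-deny ordering above only works because ipchains stops at the first matching rule in a chain. The following added example (not from the original message) simulates that first-match evaluation over the two rules for tcp/515, using constructed placeholder addresses (192.0.2.10 as "yourip", 192.168.1.0/24 as the trusted network), and shows that swapping the two rules locks the trusted hosts out as well.

```python
import ipaddress

# Constructed ruleset for this thread's scenario (placeholder addresses,
# not from the original post): allow lpd (tcp/515) from the trusted LAN,
# deny it from everyone else, and let the chain policy (ACCEPT) handle the rest.
YOUR_IP = "192.0.2.10"
RULES = [
    "-A input -p tcp -s 192.168.1.0/24 -d 192.0.2.10 515 -j ACCEPT",
    "-A input -p tcp -s 0/0 -d 192.0.2.10 515 -j DENY",
]

def parse_rule(text):
    """Parse the small subset of ipchains syntax used above into a dict."""
    toks = text.split()
    rule = {"src": "0/0", "dst": "0/0", "proto": None, "dport": None, "target": None}
    i = 0
    while i < len(toks):
        t = toks[i]
        if t == "-s":
            rule["src"] = toks[i + 1]; i += 2
        elif t == "-d":
            rule["dst"] = toks[i + 1]
            # an optional destination port may follow the address
            if i + 2 < len(toks) and toks[i + 2].isdigit():
                rule["dport"] = int(toks[i + 2]); i += 3
            else:
                i += 2
        elif t == "-p":
            rule["proto"] = toks[i + 1]; i += 2
        elif t == "-j":
            rule["target"] = toks[i + 1]; i += 2
        else:
            i += 1  # skip "-A input" and anything else we do not model
    return rule

def net(spec):
    # ipchains writes "0/0" for any address
    return ipaddress.ip_network("0.0.0.0/0" if spec == "0/0" else spec, strict=False)

def matches(rule, proto, src, dst, dport):
    return (rule["proto"] in (None, proto)
            and ipaddress.ip_address(src) in net(rule["src"])
            and ipaddress.ip_address(dst) in net(rule["dst"])
            and rule["dport"] in (None, dport))

def verdict(rules, proto, src, dst, dport, policy="ACCEPT"):
    """First matching rule wins, as in ipchains; otherwise the chain policy applies."""
    for rule in map(parse_rule, rules):
        if matches(rule, proto, src, dst, dport):
            return rule["target"]
    return policy
```

Note that the rules only cover TCP; a UDP packet to port 515 falls through to the chain policy, so services reachable over UDP need their own rules.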
